1. Field of the Invention
The present invention relates generally to an improved data processing system, and in particular, to a computer implemented method for securing data communications. Still more particularly, the present invention relates to a computer implemented method, system, and computer usable program code for securing a communication protocol against attacks.
2. Description of the Related Art
Data processing systems communicate with each other using a variety of data communication protocols. A communication protocol is essentially a set of rules that data processing systems must obey in establishing data communications using the protocol. Among other things, data communication protocols specify the structure in which the data should be exchanged, and the syntax, semantics, and sequence of the communication building blocks to be used for such exchange.
A data communication protocol may also provide some aspect of data security. For example, a data communication protocol may make it difficult for an intruder to intercept the data being communicated using the protocol. The protocol may also make it difficult for the intruder to change or spoof the data in the communication.
For example, two data processing systems may be engaged in data communication using transmission control protocol/Internet protocol (TCP/IP). Using a protocol, such as TCP/IP, often requires some identification of the source and destination addresses. For example, in TCP/IP, a source address (source IP address), a destination address (destination IP address), a source port, a destination port, and a protocol identifier are required to ensure that a data segment is communicated successfully over TCP/IP. A data segment is a unit of data communication formed according to a specification of the protocol.
An intrusion, interruption, or any type of undesirable interference with a protocol based data communication is called an attack on the protocol instance. A protocol instance is an instance of data communication using a protocol between a source and a destination data processing system. To attack a TCP/IP communication, an intruder can sniff and spoof the data segments being communicated. Sniffing a data segment is a process of detecting the particulars of a data segment or the protocol instance. Some types of attacks require the intruder to guess or detect at least the specific ports being used at each end of the data communication to attack the protocol instance.
A blind attack is a type of attack on a protocol based data communication infrastructure that does not require an intruder to sniff particular aspects of a data segment in order to attack a protocol instance. Often, a blind attack on a protocol instance, such as a TCP/IP instance, can be carried out by guessing the source and destination addresses and ports.
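The following is an added example, not code from the patent, illustrating two points from the description above: the five fields (source address, destination address, source port, destination port, protocol identifier) that identify a TCP/IP protocol instance, which is exactly what a sniffer recovers from a single captured segment, and the number of address/port combinations a blind attacker must cover when some of those fields are not sniffed but guessed. The sample segment is constructed inline from RFC 5737 documentation addresses; the ephemeral port range 32768 to 60999 is an assumption taken from the Linux default, and the function and field names are this example's own.

```python
"""Added example: what a sniffer learns from one IPv4/TCP segment (the
five-tuple), and the guess space left to a blind attacker. Not part of
the patent text; names and the ephemeral port range are assumptions."""
import ipaddress
import struct

IPPROTO_TCP = 6
# Assumed: Linux default net.ipv4.ip_local_port_range.
EPHEMERAL_PORTS = (32768, 60999)


def _checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words; 0 means valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_segment(src_ip, dst_ip, src_port, dst_port, seq, ack=0,
                  flags=0x02, payload=b"") -> bytes:
    """Assemble an IPv4 header plus a TCP header with valid checksums.
    Used only to construct sample input here; flags=0x02 is SYN."""
    src = ipaddress.IPv4Address(src_ip).packed
    dst = ipaddress.IPv4Address(dst_ip).packed
    tcp_len = 20 + len(payload)
    pseudo = src + dst + struct.pack("!BBH", 0, IPPROTO_TCP, tcp_len)
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                      5 << 4, flags, 65535, 0, 0) + payload
    tcp = tcp[:16] + struct.pack("!H", _checksum(pseudo + tcp)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 0, 0x4000,
                     64, IPPROTO_TCP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", _checksum(ip)) + ip[12:]
    return ip + tcp


def parse_five_tuple(packet: bytes) -> dict:
    """Return the five-tuple identifying the protocol instance (plus the
    TCP sequence number) from a raw IPv4 packet carrying TCP. Malformed
    or checksum-failing input is rejected rather than guessed at."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if version != 4 or ihl < 20 or not ihl <= total_len <= len(packet):
        raise ValueError("not a well-formed IPv4 packet")
    if _checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    protocol = packet[9]
    if protocol != IPPROTO_TCP:
        raise ValueError("not a TCP segment (protocol %d)" % protocol)
    tcp = packet[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    pseudo = packet[12:20] + struct.pack("!BBH", 0, IPPROTO_TCP, len(tcp))
    if _checksum(pseudo + tcp) != 0:
        raise ValueError("bad TCP checksum")
    src_port, dst_port, seq = struct.unpack("!HHI", tcp[:8])
    return {"src_ip": str(ipaddress.IPv4Address(packet[12:16])),
            "dst_ip": str(ipaddress.IPv4Address(packet[16:20])),
            "protocol": protocol, "src_port": src_port,
            "dst_port": dst_port, "seq": seq}


def is_valid_tcp_segment(packet: bytes) -> bool:
    """True if parse_five_tuple accepts the packet."""
    try:
        parse_five_tuple(packet)
        return True
    except ValueError:
        return False


def blind_guess_space(known, src_hosts=1, dst_hosts=1,
                      ephemeral=EPHEMERAL_PORTS) -> int:
    """Combinations of (src IP, dst IP, src port, dst port) a blind attacker
    must try against a client->server instance when only the fields named
    in `known` are available without sniffing. An unknown client port is
    drawn from the ephemeral range, an unknown server port from all 65536,
    and unknown addresses from src_hosts / dst_hosts candidates."""
    space = 1
    if "src_ip" not in known:
        space *= src_hosts
    if "dst_ip" not in known:
        space *= dst_hosts
    if "src_port" not in known:
        space *= ephemeral[1] - ephemeral[0] + 1
    if "dst_port" not in known:
        space *= 65536
    return space


# Constructed sample: client SYN to a web server on RFC 5737 addresses.
SAMPLE = build_segment("192.0.2.10", "198.51.100.5", 40001, 443, seq=0x1A2B3C4D)

if __name__ == "__main__":
    print(parse_five_tuple(SAMPLE))            # what a sniffer recovers
    print(blind_guess_space({"dst_ip", "dst_port"}))  # server known, client port guessed
```

The sniffing case is the parser: one captured segment yields every field of the tuple. The blind case is the counting function: with the server address and port public and the client address known, the attacker is left guessing only the client's ephemeral port, about 28 thousand candidates, which is why the text notes that blind attacks are practical by guessing addresses and ports alone.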